Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
Re: [suse-security] IPTABLES Command slows down the machine
  • From: "Mark Perry" <PERRY@xxxxxxxxxx>
  • Date: Fri, 25 Jul 2003 12:27:11 +0200
  • Message-id: <OF8ADF7AFA.B7C3B940-ONC1256D6E.00393B10-C1256D6E.00399A53@xxxxxxxxxx>
Are you perhaps restricting some ports that are required by some of the
applications run during KDE startup?
For example are you blocking DNS?

In any case you should design your iptables script to LOG DROPS/REJECTS so
that you can see what your iptables rules are actually doing.

>From the information you have presented no one is likely to give you an
exact answer.

If you wish more assistance please show your script and any LOG'ed records
that may be relevant.

All the Best / Mit Freundlichen Gruessen
Mark G. Perry

IBM Germany Development GmbH / IBM Deutschland Entwicklung GmbH
Schoenaicher Strasse 220, 71032 Boeblingen, Germany
Email/Sametime: perry@xxxxxxxxxx
Office Tel: (+49)-7031-16-3626


|---------+---------------------------->
| | "Knut Erik |
| | Hauslo" |
| | <KNUTH@xxxxxxxxxx|
| | om> |
| | |
| | 25/07/2003 11:16 |
| | |
|---------+---------------------------->
>-------------------------------------------------------------------------------------------------------------------------------|
| |
| To: <suse-security@xxxxxxxx> |
| cc: |
| Subject: [suse-security] IPTABLES Command slows down the machine |
| |
>-------------------------------------------------------------------------------------------------------------------------------|




Hi all,

I have a nice IPTABLES Script which i start upon booting the server
(/etc/init.d/boot.local).

One of the first commands is this line:
IPTABLES="/usr/sbin/iptables"

If if run the script without this command, none of the rules are active.
If i boot my server with the above command enabled however, the KDE
login takes so much longer time and any application I start takes long
to open too.

The rules are working fine, and it seems that firewall-functions are
being handled in a timely fashion (i have tested it while having my
sniffer observe..)

PS: I am a newbie to Linux and IPTABLES, please beare with me.

Cheers
Knut Erik

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here






< Previous Next >